December 2017: Your Mobile Devices Won’t Secure Themselves!

Mobile devices are everywhere — pockets, purses, nightstands, cars — and so are the security threats related to their use. Add to that the use of home networks, cloud backups, and the Internet of Things, and the risk escalates! Educate your end users about what they can do now to secure and protect their data and their devices, wherever they may be. To get started, customize and use the following ready-made messages for your community.

Get the Word Out

Newsletter or Website Content

Mobile security at one time meant using a laptop lock and keeping tabs on your phone. However, the growing capabilities and use of mobile devices — coupled with the ubiquity of smart devices stitched into the very fabric of our daily lives (figuratively and literally) — now require a more sophisticated defense-in-depth approach to match the growing threat. Following are a few things you can do to protect your devices and personal information on campus, at home, or at work.

• Secure your devices with a strong password, pattern, or biometric authentication. Check the settings for each device to enable a screen-lock option. For home routers, reset the default password with a strong one.
• Install anti-malware. Some software includes features that let you do automatic backups and track your device.
• Check your Bluetooth and GPS access. Disable these settings on all devices when not needed and avoid using them in public areas.
• Update your devices often. Install operating system and application updates when they become available.
• Review phone apps regularly. Remove any apps you don’t use. Be selective when buying or installing new apps. Install only those from trusted sources and avoid any that ask for unnecessary access to your personal information.
• Treat devices like cash! Don’t let your devices out of your sight or grasp. Maintain physical control of your device in public areas. Get a lock (alarmed is best) for your laptop and use it.
• Keep it sunny in the cloud. Whether using Google Drive, Dropbox, OneDrive, iCloud, Amazon Drive, or any of the many cloud options, set privacy restrictions on your files to share them only with those you intend. Protect access to your cloud drive with two-factor authentication.
• Create a secure wireless network. Configure your wireless router to protect your bandwidth, identifiable information, and personal computer. Secure it with proper set up and placement, router configuration, and a unique password, using the strongest encryption option. See http://www.wi-fi.org/ for more tips.
• Protect your Internet of Things (IoT) devices. Are you sharing your livestreaming nanny cam with the world? Review privacy settings for all Internet-ready devices before connecting them to the web.

Source: STOP. THINK. CONNECT. Wi-Fi poster

Figure 1. Use this image to support your message.

Social Posts

Note: These are Twitter-ready, meeting the 140-character length restriction.

• Check your Bluetooth and GPS access. Disable them when not needed and avoid using in public areas. #MobileSecurity #CyberAware
• Review phone apps often. Remove those you don’t use; take care when adding new ones. Why do they need your info? #MobileSecurity #CyberAware
• Buy or install new apps only from trusted sources & avoid apps asking for unneeded access to personal info. #MobileSecurity #CyberAware
• Keep it sunny in the cloud. Protect access to your cloud/online drive with 2-factor authentication. #MobileSecurity #CyberAware
• Secure home Wi-Fi with proper set up & placement, router config, & strong encryption: www.wi-fi.org #MobileSecurity #CyberAware
• Anti-malware for your smartphone? Yes! Some let you do auto-backups & track your device. #MobileSecurity #CyberAware

E-Mail Signature

Ask staff members to add a tip to their e-mail signature block and a link to your institution’s information security page.

Embed or Share Videos

Quick tips for mobile Internet use (0:30 sec)

Easy ways to protect yourself when using a mobile device (2:36 min)

PSA on the importance of passwords on mobile devices (0:32 sec)

Resources

Share these resources with end users or use them to inform your awareness strategy.

• Use the free STOP. THINK. CONNECT. Wi-Fi Hotspots poster (see figure 1).
• Share the brief educational videos above.
• Learn more about mobile device safety from the STOP. THINK. CONNECT. campaign.
• Read two helpful Federal Trade Commission articles: “Understanding Mobile Apps” and “Disposing of Your Mobile Device.”
• Check out these mobile device tips from the National Cyber Security Alliance.
• Review US-CERT’s advice on securing wireless networks.
• Explore the SANS OUCH! newsletters, including one that gives an overview of the Internet of Things (IoT) [https://securingthehuman.sans.org/newsletters/ouch/issues/OUCH-201605_en.pdf] and focuses on how to protect IoT devices.
• Investigate Federal Communications Commission (FCC) resources, including a tip sheet on “Protecting Your Smart Device from Theft” and a consumer guide on “How to Report a Lost or Stolen Device.”
• View Brown University’s video on the safe use of a smartphone, especially when walking at night.
• Share these infographics: Security and the Internet of Things, Is Your Home Safe from Hackers?, and Mobile Device Security.

Brought to you by the Awareness and Training Working Group of the EDUCAUSE Higher Education Information Security Council (HEISC).